package com.peiwan.user.config;

import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

@Component
public class UserSecurity {
    
    public boolean checkUsername(Authentication authentication, String username) {
        // 如果用户是管理员，允许访问
        if (authentication.getAuthorities().stream()
                .anyMatch(auth -> auth.getAuthority().equals("admin"))) {
            return true;
        }
        // 如果用户名匹配当前登录用户，允许访问
        return authentication.getName().equals(username);
    }
} 